GNUnet  0.11.x
Data Structures | Macros | Functions
gnsrecord_crypto.c File Reference

API for GNS record-related crypto. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_arm_service.h"
#include "gnunet_gnsrecord_lib.h"
#include "gnunet_dnsparser_lib.h"
#include "gnunet_tun_lib.h"
Include dependency graph for gnsrecord_crypto.c:

Go to the source code of this file.

Data Structures

struct  KeyCacheLine
 Line in cache mapping private keys to public keys. More...
 

Macros

#define LOG(kind, ...)   GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
 
#define CSIZE   64
 

Functions

ssize_t ecdsa_symmetric_decrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
 
ssize_t ecdsa_symmetric_encrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
 
static void derive_block_aes_key (unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Derive session key and iv from label and public key. More...
 
static struct GNUNET_GNSRECORD_Blockblock_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records. More...
 
struct GNUNET_GNSRECORD_BlockGNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records. More...
 
struct GNUNET_GNSRECORD_BlockGNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records, cache derived public key (also keeps the private key in static memory, so do not use this function if keeping the private key in the process'es RAM is a major issue). More...
 
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block)
 Check if a signature is valid. More...
 
enum GNUNET_GenericReturnValue block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
 
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_IDENTITY_PublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
 Decrypt block. More...
 
void GNUNET_GNSRECORD_query_from_private_key (const struct GNUNET_IDENTITY_PrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
 Calculate the DHT query for a given label in a given zone. More...
 
void GNUNET_GNSRECORD_query_from_public_key (const struct GNUNET_IDENTITY_PublicKey *pub, const char *label, struct GNUNET_HashCode *query)
 Calculate the DHT query for a given label in a given zone. More...
 

Detailed Description

API for GNS record-related crypto.

Author
Martin Schanzenbach
Matthias Wachs
Christian Grothoff

Definition in file gnsrecord_crypto.c.

Macro Definition Documentation

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)

Definition at line 38 of file gnsrecord_crypto.c.

◆ CSIZE

#define CSIZE   64

Function Documentation

◆ ecdsa_symmetric_decrypt()

ssize_t ecdsa_symmetric_decrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  ctr,
void *  result 
)

Definition at line 41 of file gnsrecord_crypto.c.

References GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, handle, and size.

Referenced by block_decrypt_ecdsa().

47 {
48  gcry_cipher_hd_t handle;
49  int rc;
50 
51  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
52  GCRY_CIPHER_MODE_CTR, 0));
53  rc = gcry_cipher_setkey (handle,
54  key,
56  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
57  rc = gcry_cipher_setctr (handle,
58  ctr,
60  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
61  GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size));
62  gcry_cipher_close (handle);
63  return size;
64 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static int result
Global testing status.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ ecdsa_symmetric_encrypt()

ssize_t ecdsa_symmetric_encrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  ctr,
void *  result 
)

Definition at line 69 of file gnsrecord_crypto.c.

References GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, handle, and size.

Referenced by block_create_ecdsa().

75 {
76  gcry_cipher_hd_t handle;
77  int rc;
78 
79  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
80  GCRY_CIPHER_MODE_CTR, 0));
81  rc = gcry_cipher_setkey (handle,
82  key,
84  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
85  rc = gcry_cipher_setctr (handle,
86  ctr,
88  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
89  GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, block, size));
90  gcry_cipher_close (handle);
91  return size;
92 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static int result
Global testing status.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ derive_block_aes_key()

static void derive_block_aes_key ( unsigned char *  ctr,
unsigned char *  key,
const char *  label,
uint64_t  exp,
const struct GNUNET_CRYPTO_EcdsaPublicKey pub 
)
static

Derive session key and iv from label and public key.

Parameters
ivinitialization vector to initialize
skeysession key to initialize
labellabel to use for KDF
pubpublic key to use for KDF

4 byte nonce

Expiration time 64 bit.

Set counter part to 1

Definition at line 105 of file gnsrecord_crypto.c.

References GNUNET_CRYPTO_AES_KEY_LENGTH, and GNUNET_CRYPTO_kdf().

Referenced by block_create_ecdsa(), and block_decrypt_ecdsa().

110 {
111  static const char ctx_key[] = "gns-aes-ctx-key";
112  static const char ctx_iv[] = "gns-aes-ctx-iv";
113 
115  ctx_key, strlen (ctx_key),
116  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
117  label, strlen (label),
118  NULL, 0);
119  memset (ctr, 0, GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
121  GNUNET_CRYPTO_kdf (ctr, 4,
122  ctx_iv, strlen (ctx_iv),
123  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
124  label, strlen (label),
125  NULL, 0);
127  memcpy (ctr + 4, &exp, sizeof (exp));
129  ctr[15] |= 0x01;
130 }
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:90
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_create_ecdsa()

static struct GNUNET_GNSRECORD_Block* block_create_ecdsa ( const struct GNUNET_CRYPTO_EcdsaPrivateKey key,
const struct GNUNET_CRYPTO_EcdsaPublicKey pkey,
struct GNUNET_TIME_Absolute  expire,
const char *  label,
const struct GNUNET_GNSRECORD_Data rd,
unsigned int  rd_count 
)
static

Sign name and records.

Parameters
keythe private key
pkeyassociated public key
expireblock expiration
labelthe name for the records
rdrecord data
rd_countnumber of records
Returns
NULL on error (block too large)

Definition at line 145 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_aes_key(), GNUNET_GNSRECORD_EcdsaBlock::derived_key, GNUNET_GNSRECORD_Block::ecdsa_block, ecdsa_symmetric_encrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_ecdsa_private_key_derive(), GNUNET_CRYPTO_ecdsa_sign_(), GNUNET_free, GNUNET_GNSRECORD_MAX_BLOCK_SIZE, GNUNET_GNSRECORD_records_get_size(), GNUNET_GNSRECORD_records_serialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_TYPE_PKEY, GNUNET_malloc, GNUNET_memcpy, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), payload, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_GNSRECORD_EcdsaBlock::purpose, GNUNET_TIME_Relative::rel_value_us, GNUNET_GNSRECORD_EcdsaBlock::signature, GNUNET_CRYPTO_EccSignaturePurpose::size, and GNUNET_GNSRECORD_Block::type.

Referenced by GNUNET_GNSRECORD_block_create(), and GNUNET_GNSRECORD_block_create2().

151 {
152  ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
153  rd);
154  struct GNUNET_GNSRECORD_Block *block;
155  struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
156  struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
157  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
158  unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
159  struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
160  uint32_t rd_count_nbo;
161  struct GNUNET_TIME_Absolute now;
162 
163  if (payload_len < 0)
164  {
165  GNUNET_break (0);
166  return NULL;
167  }
168  if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
169  {
170  GNUNET_break (0);
171  return NULL;
172  }
173  /* convert relative to absolute times */
174  now = GNUNET_TIME_absolute_get ();
175  for (unsigned int i = 0; i < rd_count; i++)
176  {
177  rdc[i] = rd[i];
178  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
179  {
180  struct GNUNET_TIME_Relative t;
181 
182  /* encrypted blocks must never have relative expiration times, convert! */
183  rdc[i].flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
184  t.rel_value_us = rdc[i].expiration_time;
185  rdc[i].expiration_time = GNUNET_TIME_absolute_add (now, t).abs_value_us;
186  }
187  }
188  /* serialize */
189  rd_count_nbo = htonl (rd_count);
190  {
191  char payload[sizeof(uint32_t) + payload_len];
192 
194  &rd_count_nbo,
195  sizeof(uint32_t));
196  GNUNET_assert (payload_len ==
198  rdc,
199  payload_len,
200  &payload[sizeof(uint32_t)
201  ]));
202  block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block)
203  + sizeof(uint32_t)
204  + payload_len);
205  ecblock = &block->ecdsa_block;
206  block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
207  ecblock->purpose.size = htonl (sizeof(uint32_t)
208  + payload_len
209  + sizeof(struct
211  + sizeof(struct GNUNET_TIME_AbsoluteNBO));
213  ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
214  /* encrypt and sign */
216  label,
217  "gns");
219  &ecblock->derived_key);
221  skey,
222  label,
224  pkey);
225  GNUNET_break (payload_len + sizeof(uint32_t) ==
227  payload_len
228  + sizeof(uint32_t),
229  skey,
230  ctr,
231  &ecblock[1]));
232  }
233  if (GNUNET_OK !=
235  &ecblock->purpose,
236  &ecblock->signature))
237  {
238  GNUNET_break (0);
239  GNUNET_free (dkey);
240  GNUNET_free (block);
241  return NULL;
242  }
243  GNUNET_free (dkey);
244  return block;
245 }
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
GNUNET_NETWORK_STRUCT_END ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:395
Private ECC key encoded for transmission.
static struct GNUNET_SCHEDULER_Task * t
Main task.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
ssize_t ecdsa_symmetric_encrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
#define GNUNET_GNSRECORD_TYPE_PKEY
Record type for GNS zone transfer ("PKEY").
static void derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:529
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:170
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
uint64_t abs_value_us__
The actual value (in network byte order).
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
Signature of a gnunet naming system record block.
Time for absolute times used by GNUnet, in microseconds.
This expiration time of the record is a relative time (not an absolute time).
struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_CRYPTO_ecdsa_private_key_derive(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const char *label, const char *context)
Derive a private key from a given private key and a label.
Definition: crypto_ecc.c:734
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
Time for relative time used by GNUnet, in microseconds.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_decrypt_ecdsa()

enum GNUNET_GenericReturnValue block_decrypt_ecdsa ( const struct GNUNET_GNSRECORD_EcdsaBlock block,
const struct GNUNET_CRYPTO_EcdsaPublicKey zone_key,
const char *  label,
GNUNET_GNSRECORD_RecordCallback  proc,
void *  proc_cls 
)

Definition at line 381 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_aes_key(), ecdsa_symmetric_decrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_break, GNUNET_break_op, GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_ERROR_TYPE_INFO, GNUNET_GNSRECORD_records_deserialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_RF_SHADOW_RECORD, GNUNET_log, GNUNET_memcpy, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_absolute_get(), GNUNET_YES, KeyCacheLine::key, payload, GNUNET_GNSRECORD_EcdsaBlock::purpose, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by GNUNET_GNSRECORD_block_decrypt().

387 {
388  size_t payload_len = ntohl (block->purpose.size)
389  - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
390  - sizeof(struct GNUNET_TIME_AbsoluteNBO);
391  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
392  unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH];
393 
394  if (ntohl (block->purpose.size) <
395  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
396  + sizeof(struct GNUNET_TIME_AbsoluteNBO))
397  {
398  GNUNET_break_op (0);
399  return GNUNET_SYSERR;
400  }
402  key,
403  label,
405  zone_key);
406  {
407  char payload[payload_len];
408  uint32_t rd_count;
409 
410  GNUNET_break (payload_len ==
411  ecdsa_symmetric_decrypt (&block[1], payload_len,
412  key, ctr,
413  payload));
414  GNUNET_memcpy (&rd_count,
415  payload,
416  sizeof(uint32_t));
417  rd_count = ntohl (rd_count);
418  if (rd_count > 2048)
419  {
420  /* limit to sane value */
421  GNUNET_break_op (0);
422  return GNUNET_SYSERR;
423  }
424  {
425  struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)];
426  unsigned int j;
427  struct GNUNET_TIME_Absolute now;
428 
429  if (GNUNET_OK !=
430  GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t),
431  &payload[sizeof(uint32_t)],
432  rd_count,
433  rd))
434  {
435  GNUNET_break_op (0);
436  return GNUNET_SYSERR;
437  }
438  /* hide expired records */
439  now = GNUNET_TIME_absolute_get ();
440  j = 0;
441  for (unsigned int i = 0; i < rd_count; i++)
442  {
443  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
444  {
445  /* encrypted blocks must never have relative expiration times, skip! */
446  GNUNET_break_op (0);
447  continue;
448  }
449 
450  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))
451  {
452  int include_record = GNUNET_YES;
453  /* Shadow record, figure out if we have a not expired active record */
454  for (unsigned int k = 0; k < rd_count; k++)
455  {
456  if (k == i)
457  continue;
458  if (rd[i].expiration_time < now.abs_value_us)
459  include_record = GNUNET_NO; /* Shadow record is expired */
460  if ((rd[k].record_type == rd[i].record_type) &&
461  (rd[k].expiration_time >= now.abs_value_us) &&
462  (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)))
463  {
464  include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */
466  "Ignoring shadow record\n");
467  break;
468  }
469  }
470  if (GNUNET_YES == include_record)
471  {
472  rd[i].flags ^= GNUNET_GNSRECORD_RF_SHADOW_RECORD; /* Remove Flag */
473  if (j != i)
474  rd[j] = rd[i];
475  j++;
476  }
477  }
478  else if (rd[i].expiration_time >= now.abs_value_us)
479  {
480  /* Include this record */
481  if (j != i)
482  rd[j] = rd[i];
483  j++;
484  }
485  else
486  {
487  struct GNUNET_TIME_Absolute at;
488 
489  at.abs_value_us = rd[i].expiration_time;
491  "Excluding record that expired %s (%llu ago)\n",
493  (unsigned long long) rd[i].expiration_time
494  - now.abs_value_us);
495  }
496  }
497  rd_count = j;
498  if (NULL != proc)
499  proc (proc_cls,
500  rd_count,
501  (0 != rd_count) ? rd : NULL);
502  }
503  }
504  return GNUNET_OK;
505 }
This record should not be used unless all (other) records with an absolute expiration time have expir...
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
static void derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
uint64_t abs_value_us__
The actual value (in network byte order).
#define GNUNET_log(kind,...)
Time for absolute times used by GNUnet, in microseconds.
This expiration time of the record is a relative time (not an absolute time).
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
Definition: strings.c:758
ssize_t ecdsa_symmetric_decrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
Here is the call graph for this function:
Here is the caller graph for this function: